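<?php defined( '_MAXSITE' ) or die( 'Restricted access' );

/*
 * Member password-reset page (legacy mysql_* API).
 *
 *   GET  ?c=<token>   Show the new-password form when a member row has
 *                     changepass=<token>.
 *   POST op=reset     Validate the token and the new password, store the new
 *                     hash on the member row, clear the token, and mirror the
 *                     change to the admin table when the member's user name is
 *                     also an admin login.
 *
 * Every failed check redirects to index.php; a rejected password redirects
 * back to this form so the user can retry with the same token.
 *
 * The token is limited to 1-12 word characters. It is validated before it
 * reaches any query, and only the validated copy ($token) is used afterwards.
 */

// Token format. `\z` instead of `$` so a trailing newline is rejected rather
// than silently accepted by the anchor.
$token_re = '/^\w{0,12}\z/i';

if(empty($_POST['op']))
{
    $raw_token = isset($_GET['c']) ? (string)$_GET['c'] : '';
    $match_val = preg_match($token_re, $raw_token, $match);
    if($match_val>0 && !empty($match[0]))
    {
        $token = $match[0]; // validated copy; the raw input is not used again
        $db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
        $sql = sprintf("SELECT email FROM ".TB_MEMBER." WHERE changepass='%s' LIMIT 1", 
                mysql_real_escape_string($token)
                );
        $result = mysql_query($sql);
        // mysql_query() returns false on error; mysql_num_rows(false) only warns.
        $numrow = ($result !== false) ? mysql_num_rows($result) : 0;
        if($numrow>0)
        {
        ?>
            <style type="text/css">
                div.form-item{text-align: center;margin-bottom: 12px;}
                input.form-item{padding: 6px;}
                label{display: block;font-weight: bold;}
            </style>
            <script type="text/javascript">
                $(function(){
                    $('form#formnewpass').submit(function(){
                        var newpass=$('#newpass').val();
                        var confirmpass=$('#confirmpass').val();
                        if(newpass=='' || confirmpass=='')
                        {
                            alert('ใส่รหัสผ่านและยืนยันรหัสผ่านด้วยครับ');
                            return false;
                        }
                        else if(newpass!='' && newpass.length<=5)
                        {
                            alert('รหัสผ่านควรมากกว่า 5 ตัวครับ');
                            return false;
                        }
                        else if(newpass!=confirmpass)
                        {
                            alert('ใส่รหัสผ่านให้ตรงกันด้วยครับ');
                            return false;
                        }
                    });
                });
            </script>
            <h3>เปลี่ยนรหัสผ่านใหม่</h3>
            <form action="index.php?name=member&file=newpassword" id="formnewpass" name="formnewpass" method="post" >
                <div class="form-item">
                    <label for="newpass">รหัสผ่านใหม่:</label>
                    <input type="password" id="newpass" name="newpass" class="form-item" />
                </div>
                <div class="form-item">
                    <label for="confirmpass">ยืนยันรหัสผ่านใหม่:</label>
                    <input type="password" id="confirmpass" name="confirmpass" class="form-item" />
                </div>
                <div class="form-item">
                    <input type="submit" name="submit" value="คลิกเพื่อเปลี่ยนรหัส" class="form-item" />
                </div>
                <?php // The token is already restricted to \w, escaping is defence in depth for the attribute context. ?>
                <input type="hidden" name="changepass" value="<?php echo htmlspecialchars($token, ENT_QUOTES, 'UTF-8'); ?>" />
                <input type="hidden" name="op" value="reset" />
            </form>
        <?php // full open tag: the short form depends on short_open_tag being enabled
        }
    }
    else
    {
        header( 'Location: index.php');
        exit;
    }
}
else if($_POST['op']==='reset')
{
    $raw_token   = isset($_POST['changepass'])  ? (string)$_POST['changepass']  : '';
    $newpass     = isset($_POST['newpass'])     ? (string)$_POST['newpass']     : '';
    $confirmpass = isset($_POST['confirmpass']) ? (string)$_POST['confirmpass'] : '';

    // Check the token format before touching the database.
    $match_val = preg_match($token_re, $raw_token, $match);
    if($match_val==0 || empty($match[0]))
    {
        header( 'Location: index.php');
        exit;
    }
    $token = $match[0];

    // Server-side copy of the rules the form's JavaScript enforces. The client
    // check alone can be bypassed, which previously let an empty or mismatched
    // password be stored. strlen() is byte-wise, so it is never stricter than
    // the JavaScript length check.
    if($newpass==='' || $confirmpass==='' || $newpass!==$confirmpass || strlen($newpass)<=5)
    {
        header( 'Location: index.php?name=member&file=newpassword&c='.urlencode($token));
        exit;
    }

    $db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
    $sql = sprintf("SELECT id, user, email FROM ".TB_MEMBER." WHERE changepass='%s' LIMIT 1", 
            mysql_real_escape_string($token)
            );
    $result = mysql_query($sql);
    // mysql_fetch_object() returns false when no row matched the token.
    $user = ($result !== false) ? mysql_fetch_object($result) : FALSE;
    if($user!==FALSE)
    {
        // NOTE(review): unsalted sha1 (member) / md5 (admin) over the
        // mysql_real_escape_string()'d password are kept as-is because the login
        // code that verifies them lives outside this file and must compute the
        // same digest; moving to password_hash() needs both sides changed together.
        $escaped_pass = mysql_real_escape_string($newpass);
        $member_hash = sha1($escaped_pass);
        // Clearing changepass makes the token single-use.
        $sql = "UPDATE ".TB_MEMBER." SET password='".$member_hash."', changepass='' WHERE id=".(int)$user->id." LIMIT 1;";
        mysql_query($sql);
        
        // Fix: this query previously read "LIMIT1" (no space), a syntax error that
        // made mysql_query() return false, so the admin password was never synced.
        // The user name is a database value, so it is escaped rather than inlined.
        $sql = "SELECT id FROM ".TB_ADMIN." WHERE username IN ('".mysql_real_escape_string($user->user)."') LIMIT 1";
        $result = mysql_query($sql);
        if($result !== false && mysql_num_rows($result)>0)
        {
            $admin = mysql_fetch_object($result);
            $admin_hash = md5($escaped_pass);
            $sql = "UPDATE ".TB_ADMIN." SET password='".$admin_hash."' WHERE id=".(int)$admin->id." LIMIT 1;";
            mysql_query($sql);
        }
        
        echo '<b>ทำการเปลี่ยนรหัสผ่านเสร็จเรียบร้อยแล้วครับ</b>';
    }
    else
    {
        header( 'Location: index.php');
        exit;
    }
}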
